Skype has hundreds of millions of users being the biggest VOIP service provider around, so when allegations of misconduct around user privacy begin to emerge, it’s really something to pay attention to. This is exactly what’s happening now after Skype gave a 16-year old’s information to an IT security company without any legal obligation to do so.

The whole story began when Paypal hired iSIGHT Partners, a Dutch cyber security firm, to deal with all the attacks coming from Anonymous over the whole WikiLeaks/Paypal debacle. Joep Gommers, senior director of global research at iSIGHT began researching and eventually got hold of the pseudonym of one of the supposed attackers, a 16-year old Dutch citizen.

Gommers contacted Skype, who incidentally were one of his firm’s clients, and requested the account information of the suspect. Skype handed over the user’s information without any legal obligation to do so. This includes the boy’s user name, real name, e-mail addresses and the home address used for payment.

"You would imagine that subscriber data aren't simply handed over. They have to be provided when the police has a valid demand or court order, but not in any other case" said Gerrit-Jan Zwenne, a professor of Law and Information Society in Leiden. He went on to add he is not sure whether the law allows technology companies such as Skype to simply hand over private information without a court order.

As for Skype themselves they declared they take user privacy very seriously and they only release it when mandated by the courts. According to them they are conducting an internal investigation as to how user data got in the hands of a private firm.